What are Human Attributes?
Category: Human Trust Experience
Social Cooperation based on Trust, Voluntary Interaction and Human Capability
In many ways I agree with Malcolm Crompton’s conclusions 1-5 starting with the fact that we will not emerge with a way forward that is without flaws. That said there are keys omission I feel especially need to be addressed as well as one important requirement implemented.
Marcolm’s summarizing that “management of the risk of an interaction between two entities by the exchange of relevant, verified claims about attributes” is in my view inadequate. My reasons emerge below.
The NSTIC and IDESG is dedicated to enhancing human capability through enhanced economic opportunities for all sizes of entities, including individuals, to solve problems, invent and innovate goods and services, including accessing and engaging affordable education in cyberspace. Who would have concluded from reading the NSTIC Strategy and IDESG that the goal was in anyway to broker and exchange, monetize and churn the human attributes of individuals that participated in the Identity Ecosystem Framework. Often without his or her knowledge or consent.
My own view is that we are at a paradigm-shift tipping point. However dramatic that might seems it outlines a basic truth emerging from our efforts in IDESG and NSTIC. NSTIC and IDESG is asking for voluntary interaction and social cooperation to adopt the NSTIC and IDEF plan even though important and basic questions of social and economic fairness, human capability, and equity have not been or are just beginning to surface. Without justice as fairness what will cause us to come together, to cooperate, to voluntarily interact? This question goes directly to the basis of trustworthiness. If fairness doesn’t hold the IDEF functional model parts together what does? Like it or not all of us are interdependent. The new commercial social and economic paradigm requires the development and empowerment of a new symbiotic market based on social cooperation and human capability. Our trust-marks must be built on the understanding that trust is to a large extent is a human emotion and we must answer:
Why should individuals agree to participate in the IDEF without?
1. An understanding of how it will benefit them socially and economically.{Not having to type in passwords in grossly not enough of a benefit for the risks involved).
2. An understanding of how other parties in the transaction(s) will benefit economically and socially.
3. An understandable and clear conversation among the parties as to the terms of an interaction, implemented at the beginning of an interaction.
While UMA IDEmix may preserve some fairness and economic benefit for individuals these measures simply put something in the middle of a transaction that may benefit some individuals but the benefits may be uneven and increase costs to the individuals. What happens to those that don’t know about or understand these systems. More importantly it is likely that those that are already in a digital divide will remain there and the inequalities there will widen and deepen. Those of lesser means or some other chosen attribute may simply be filtered out. It will further stimulate and speed up the effort of large commercial entities to collect and secure for themselves the human attributes of people around the world often, without protections.
Additional Baseline Requirement
Principle Assumption
It should be possible for a human being to start from the position that his or her attributes belong to them in some basic way and that if a commercial interests want to use them they need to come to an agreement with the individual(s) involved. Such an approach would give an incentive to understanding and valuing the human condition and further incentivize increasing human capability.
This might be called a Social Cooperation Requirement and read as follows:
IDEF participants must be able to have a conversation that educates each other and the system as to the desires each party is seeking in the relationship and stating risks of the interaction. This conversation must be in understandable language suitable to each participant and their human capability. This conversation method will be developed and tested in many communities beginning now.
Regards,
Ann Racuya-Robbins
Human Capability and Human Trust
Human Capability and the Future of the Human Trust Experience
Did you see the example I contributed in response to Andrew’s question along the same lines. I have copied it below?
Last week I also suggested a process along with others for engaging a larger community for input.
Here are some other proposals:
A bit of taxonomy work on the wiki to collect more input around the core concepts of human capabilities, human attributes and personal information targeted to align with the Identity Ecosystem Framework IDEF dashboard. This could be done or not by a subgroup and should include outreach for input. This discussion should weight the fact that “personal information” has lost much of its meaning because it continues to be defined too narrowly and is perpetually playing catch up to changes in information systems, business practice and well, human capability. So to say we are dedicated to protecting personal information does not inspire much trust. This work could well be a trans-committee kind of work.
I have a proposal moving forward here and elsewhere on a Memorandum of Social Cooperation which operationalizes the
human capability approach beginning at Registration. One of the distinguishing features of the Memorandum of Social Cooperation is that it discusses the responsibilities of all parties in an IDEF transaction, not solely the providers’ responsibilities. I am mindful that HIPPA requirements begin at Registration and we might well look to aspects of HIPPA for Memorandum implementation. I believe there may be technical solutions aligned with these ideas and of course that is welcome.
Ryan you said “I would suggest that a requirement for encrypting audit and security logs would be well within the scope of what I have described—as long as the owner of those audit and security logs executes a function supporting the described transaction.” Excellent idea and the right direction forward in my view.
If we can voluntarily agree on ”what we are trying to protect” that is better than having to mandate compliance.
On Registration: you said “However, if you signed up to have a booklet
of coupons delivered to your house using an online form, that would currently be out of scope for
what we are considering.” Please elaborate why this is out of scope?
I will be providing alternative language to you “target statement” in another email.
My earlier example.
“Human capabilities are sometimes described as functions. More generally human capabilities refers to things a person can do, how a person can act.
For example, speaking (speech) is a human capability. When, by what means, how long, the pitch of the person’s voice, how loud a person speaks, where a person spoke from, whether a person used sign language… are human attributes that arise from the human capability to speak. Because human capabilities are dynamic and expanding so too human attributes are dynamic and expanding. In cyberspace and online environments human capabilities and the human attributes they create is a dynamic and expanding kind of information.
To protect this human capability, for example, American democracy created a right to free speech (with some provisos) which covers more or less all the human attributes that arise from speaking. For this reason we don’t have a right to speak limited to a device. So for example we don’t have a human right to speak limited to speaking on a telephone. This would limit and discourage the dynamic and expanding human function of speech. If a third party takes the human attributes created by a human capability and uses it to make money we would consider that an appropriation and a violation of copyright.
In cyberspace, online environments and information systems we draw on privacy provisions to protect the human capability and human attributes of speech.
In America there is general agreement (consensus if you will) that limiting the right to speak or appropriating speech erodes social cooperation in a society.
Regards,
Ann Racuya-Robbins”
Memorandum of Social Cooperation
Building Trusting Relationships
We need a new kind and way of building trusting relationships. I call this Memorandum of Social Cooperation. The purpose of such an agreement is to layout in easily understandable language the parameters of the relationship that will inspire and further social cooperation.
The Human Trust Experience in an Era of Big Data
Consumer, Manager, Domain Expert Proposal
Subtopic: Unmet Big Data requirements
1. Title
The Human Trust Experience (HTX) in an Era of Big Data
2. Point of Contact (Name, affiliation, email address, phone)
Ann Racuya-Robbins
World Knowledge Bank: Human Trust Experience Initiative
3. Working Group URL
https://www.humantrustexperience.net
4. Proposed panel topic: Unmet Big Data requirements
5. Abstract
The Human Trust Experience Initiative’s mission is to use Big Data to explore and lay the ground work for understanding the parameters, characteristics, attributes, information architecture, and reference and interaction models of the human trust experience in motion and at rest. Central premises of this work to be evaluated and interpreted are that:
• The human trust experience is foundational to Privacy, to the uptake of ICT innovation, education and the challenges of democratic governance.
• The human trust experience is a central component of all human labor and to individual and community well-being and survival.
• The human trust experience can be a measure and standard by which we understand and prioritize problem solving.
6. Working Group summary
• Create the human trust experience use case.
• Create the human trust experience context.
• Create a semiotics and information architecture of the human trust experience.
• Facilitate through CMS conversation about the tHTRX in a Big Data context.
7. Number of Participants, data working group began, frequency of meetings
December 2013
8. Target Audience
Individuals, Consumers and Producers of Big Data, Businesses, Government
9. Current initiatives
The Human Trust Experience Initiative
10. Specific Big Data Challenges:
Value, Valuation, Contextual Veracity, Identity, Pseudonymity, Anonymity, Privacy, Vetting, Contextual Vetting
11. Urgent research needs
12. Related Projects or Artifacts The Human Trust Experience: Informed Valuation Project
13. Big Data metrics (describe your data to make a Big impression)
Search, discovery, revelation, creation and analysis of the human trust experience from cyberspace data.
14. Keywords
human trust experience, value, valuation, informed valuation, informed contextual value, informed contextual valuation, contextual veracity, identity, pseudonymity, anonymity, privacy, risk management
Human Trust Experience is not spelled “Functional Model”
We need to intentionally build an id ecosystem that is transparent and open and teach each other how to use it.
We need to intentionally build an id ecosystem—a way for human beings to interact online—that is transparent and open and teach each other how to use it.
Data Marking, data tagging…just another dilemma falling into the metadata bucket. I think in general data tagging and data marking are desirable only from the RP et al point view not the “subject attributes” [sic] human users point of view and I don’t support it. But reasoning that human users can’t understand these concepts is groundless. Instead we need to a much better job of developing information systems using commonly understandable terms, functional models, what have you and letting the ecosystem emerge from the common ground. To wit I am submitting a Minority Function Model Report as a small step in that direction. This common ground needs to be aligned to universal human rights. The concepts being referred to here are not that hard to understand but the infrastructure now being built at IDESG may take a rocket scientist to translate and untangle. That is in part intentional. It doesn’t have to be this way. We need to intentionally build an id ecosystem that is transparent and open and teach each other how to use it.
From my perspective by encouraging individual users to do more “tagging” the server/organization that collects, uses, passes around that tagging simply has more information about that user…how they think…what they do. While problematic, difficult, and posing its own dilemmas for democratic countries, it stands to reason that intelligence and defense agencies would want to use such an approach. Is there something that is not relevant to know about the “enemy”?
Making attributes public doesn’t make them facts nor is the claim compelling that there is little of personal privacy significance. These issues are more or less about metadata. They need to come into public discussion. The IDESG is one of the places this discussion should happen. At last the 800lb metadata elephant is seeming a little less invisible.
For more visit AnnRacuya-Robbins,com
Human Trust Experience Meets Big Data
Human Trust Experience Meets Big Data
Developing Standards for a Human Trust Experience in a Time of Big Data
Over the last two months I have been participating in the Big Data Technology Roadmap through the NIST Public Working Group for Big Data. I think one of the needs here is the development of “Standards for a Human Trust Experience in a Time of Big Data”. I have requested to submit such a paper for a discussion group for the upcoming meeting in Washington DC.
Best Practices for Human Attributes
How to Move towards Trustworthy ground with Human Attributes
Human Attributes—all the aspects of a life—in online transaction environments—should progress towards the creation of Standards for the attributes-lifecycle. Such Standards should include how to respect, care and creatively treat those attributes. I think this is the right direction.
I think there should be a base Standard of assurance that will allow for the greatest range of transactions by the greatest number of participants. More on this later. Such a base standard of assurance should be agreeable by all stakeholders including individuals. This will require individuals to better understand monetization of human attributes and the crucial complex of the meaning of human attributes.
To move towards and achieve Standards for the attribute lifecycle a central challenge and dilemma must be undertaken to transparently articulate the relationship between Personally Identifiable Information (PII), attributes over a lifecycle and attributes that create PII through aggregation, provenance or other time related processes. We must acknowledge that PII and attributes are, more or less, on a continuum. The truth needs to be told that privacy requirements are not meaningful without taking on this challenge. I have some suggestions for standards in this area that I would like to forward at the proper time.
Here lie many perils and much promise.
Underserved Initiative Receives Approval
July 24th—Un and Underserved People’s Identity approach receives IDESG Privacy Committee Review approval. This means that wider adoption of such an approach is more feasible.
Un and Underserved Use Case Process Flow
One of the indices of the human trust experience is whether or not and the extent to which a person or organization creates work that serves others and interests separate and greater than themselves. My view is that particularly today economic development should wherever possible be designed to serve the under served first. To this end I have worked on a systemic approach (at the IDESG referred to as a “Use Case” for identity management and privacy for the Un and Underserved People for the Identity Ecosystem Steering Group (IDESG). In essence this approach allows individuals who have been left out of the existing online environment to piggy back into interactions and transactions online through identities received through Federally Insured bank accounts. This can be done remotely as well as in person. There are many advantages to this approach which will be reported on in the coming months. The good news is that on July 24th this approach received IDESG Privacy Committee Review approval. This means that wider adoption of such an approach is more feasible.
For complete information see https://www.idecosystem.org/wiki/Un_and_Underserved_People_Use_Case
Use Case Description
“Use Case Purpose”: Un and Underserved People Enter the IDESG Identity Ecosystem.
Un and Underserved refers to people that do not have, have lost, or have inadequate digital identities to enable them to participate in the secure and resilient, cost effective and easy to use, privacy enhancing and voluntary interoperable online Identity Ecosystem envisioned by NSTIC and the IDESG. Currently there are barriers to and opportunities for the Un and Underserved to enter the IDESG Identity Ecosystem. Such barriers may be, limited financial means, physical disadvantage or challenge, language differences, loss of employment, to name but a few. Such opportunities may be new products and services to remove these barriers, innovations in serving this community as well as greater social cohesion and internet-wide cyber-security. Importantly, many of the Un and Underserved are also financially un and underserved. Today 68 million American adults are un or under banked. More than 2.5 billion adults around the world are unbanked.
The goal of this use case is to leverage existing programs and services, for example the FDIC “Safe Account” program, to allow the Un and Underserved to use their “Safe Account” bank account enrollment process as a means of obtaining a digital identity and entering the IDESG Identity Ecosystem. Being Un and Underserved is not a new problem but one that has had a long (perhaps going back to the beginnings of money and then banking)and often intractable set of complexities. The efficiencies of cyberspace (the internet) provides an historic opportunity to bridge this gap.
Scenario(Example): Julia, a prospective underserved financial services customer, wants to open a bank account as well as obtain an digital identity for use in the IDESG Identity Ecosystem. Julia learns of a FDIC “Safe Account” type of account at her local community center which allows her to apply for an account and subsequently obtain a digital identity. Julia applies for and gets an FDIC “Safe Account” through an FDIC insured bank or equivalent financial institution compliant with 31 CFR 1020.220 – Customer identification programs (CIP) for banks, savings associations, credit unions, and certain non-Federally regulated banks. Or other acceptable customer identification program. The enrollment vetting process into a “Safe Account” serves the vetting requirements for Julia to obtain her digital identity. After a period of successful Safe Account practices Julia uses her Safe Account history and digital identity to apply for an FCCX credential or other governmental credential for accessing government services. Julia receives the government credential and uses the government credential to apply for other online services and products including more financial services. Julia is able to step by step build access to a wide range of products and services she will need and use as she provides for her family and builds her entrepreneurial life as a clothes designer and pattern maker.
Goals Summary: Julia will be able to obtain an digital credential with the qualifications used to obtain her Safe Account. Julia will be able manage her finances in a secure and insured or protected environment where she can increase her income through entrepreneurship, improving the quality of life for herself and her son, the economic activity in her neighborhood through her purchases, and tax receipts to her city and state. Julia will be able to interact with some government and non-profit services improving confidence in government and non-profit institutions and financial institutions including banking. The financial institutions and non-profit organizations, government agencies and healthcare providers will be able to increase the number of their customers/participants. Through this use case a broad range of stakeholders are brought together to share risks and rewards in creating an online Identity Ecosystem Framework where economic opportunity, productivity and human well being are harmonized.
Actors:
- 1 Un and Underserved People.
- 2 Financial Institutions.
- 3 Non-profit Organizations.
- 4 Government.
- 5 Insurance entities.
- 6 Any Relying Party or Service Provider in the IDESG Identity Ecosystem that complies with the NSTIC principles and has a Trustmark Accreditation.
- 7 Alternative Financial Services.
Assumptions Un and Underserved Person applies in person at the Financial Institution or uses an acceptable electronic means of application including for example Treasury’s OCIP that has brought together the FSSCC, DHS, and NIST to create a Cooperative Research and Development Agreement on identity proofing, which has identified new methods for satisfying the “know your customer” requirements of financial institutions. Financial Institution must be a FDIC insured bank or equivalent. The digital identity meets the needs of relying parties.
Process Flow
This use case is unique in that the person, Julia and her son in this case, exist outside an online Identity Ecosystem. Entering the Identity Ecosystem is a kind of state change, so to speak, for Julia. The other stakeholders are already inside the Identity Ecosystem. The process of entering the ecosystem should be done with care by all stakeholders. Success Scenario Julia is able to enroll in a Safe Account that provides her with a digital identity useful in the ID Ecosystem for products and services and for federal, state and local governments. Julia can also apply for and potentially receive other digital identities from other ID Ecosystem providers enlarging the range of products and online services, including financial she can access.